<?php
declare (strict_types=1);

namespace app\middleware;

use http\Env\Response;

class Check
{
    protected $allowAction = [
      'register',
      'login','notify','upload_img','scope_list','delete_img','test'
    ]; // 不验证token的操作
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure $next
     * @return Response
     */
    public function handle($request, \Closure $next)
    {
        header('Access-Control-Allow-Origin:*');
        header('Access-Control-Allow-Methods:*');
        header('Access-Control-Allow-Headers:*');
        header('Access-Control-Allow-Credentials:false');
        if (!in_array($request->action(true), $this->allowAction)) {
            if (!$request->isPost()) return jsonFail('请采用正确的方式登录!');
            $token = $request->param('token');
            if (empty($token)) return jsonFail('登录失效 重新登录');
            $redis = new \Redis();
            $redis->connect('127.0.0.1');
            $id = $redis->get($token);
            if (empty($id)) return jsonFail('登录失效，请重新登录');
        }
        return $next($request);
    }
}
